The U.S. government said Monday that it has issued fresh financial sanctions against five individuals and a corporate entity associated with spyware-making consortium Intellexa, months after the government sanctioned its founder. From a report: In its latest statement, the U.S. Treasury said it sanctioned the five people, including senior Intellexa executives and associates, who are alleged to be involved in the sale of Intellexa's phone spyware, dubbed Predator, to authoritarian governments. Predator can be used to hack into fully patched phones nearly invisibly, allowing the organization that deployed the spyware to obtain complete access to the target's device, including their private messages and real-time location. The Treasury said the spyware has been used to target U.S. government officials, journalists, and opposition politicians.

The sanctions include Felix Bitzios, who owns an Intellexa consortium company that the Treasury says was used to supply Predator spyware to an unnamed foreign government; Merom Harpaz and Panagiota Karaoli, who hold senior positions in Intellexa's corporate structure, according to the Treasury; and Andrea Nicola Constantino Hermes Gambazzi, who the Treasury says was involved in processing transactions for companies within Intellexa's consortium. The Treasury added that the Aliada Group, a company based in the British Virgin Islands and a member of the Intellexa group of companies, was also sanctioned for enabling tens of millions of dollars in transactions for the spyware-making consortium. A senior U.S. government official told reporters during a background call on Monday that the latest round of sanctions were part of the government's ongoing effort to target the commercial spyware industry. The U.S. official said the government was tracking money flows and movements to determine what entities might be trying to avoid or circumvent the sanctions.

An anonymous reader quotes a report from Ars Technica: Researchers still don't know the cause of a recently discovered malware infection affecting almost 1.3 million streaming devices running an open source version of Android in almost 200 countries. Security firm Doctor Web reported Thursday that malware named Android.Vo1d has backdoored the Android-based boxes by putting malicious components in their system storage area, where they can be updated with additional malware at any time by command-and-control servers. Google representatives said the infected devices are running operating systems based on the Android Open Source Project, a version overseen by Google but distinct from Android TV, a proprietary version restricted to licensed device makers.

Although Doctor Web has a thorough understanding of Vo1d and the exceptional reach it has achieved, company researchers say they have yet to determine the attack vector that has led to the infections. "At the moment, the source of the TV boxes' backdoor infection remains unknown," Thursday's post stated. "One possible infection vector could be an attack by an intermediate malware that exploits operating system vulnerabilities to gain root privileges. Another possible vector could be the use of unofficial firmware versions with built-in root access." The following device models infected by Vo1d are: [R4, TV BOX, KJ-SMART4KVIP].

One possible cause of the infections is that the devices are running outdated versions that are vulnerable to exploits that remotely execute malicious code on them. Versions 7.1, 10.1, and 12.1, for example, were released in 2016, 2019, and 2022, respectively. What's more, Doctor Web said it's not unusual for budget device manufacturers to install older OS versions in streaming boxes and make them appear more attractive by passing them off as more up-to-date models. Further, while only licensed device makers are permitted to modify Google's AndroidTV, any device maker is free to make changes to open source versions. That leaves open the possibility that the devices were infected in the supply chain and were already compromised by the time they were purchased by the end user. "These off-brand devices discovered to be infected were not Play Protect certified Android devices," Google said in a statement. "If a device isn't Play Protect certified, Google doesn't have a record of security and compatibility test results. Play Protect certified Android devices undergo extensive testing to ensure quality and user safety."

Users can confirm if their device runs Android TV OS via this link and following the steps here.

Dell and HP executives have acknowledged a delay in the anticipated commercial PC refresh cycle. Michael Dell, speaking at the Citi 2024 Global TMT conference, stated that the refresh cycle "has been delayed for sure." The Register adds: Without offering any reasons for postponement -- and not being pressed for one by the analyst interviewing him -- the billionaire reckoned the size of the refresh is "going to be even bigger" because of it. "So first of all we have a certain date with Windows 10 end-of-life and we're almost within a one year window of that, and as you get in that one-year window, the enterprise IT people start screwing around and saying, 'Oh, we better do something about this'," said Dell.

Enrique Lores, CEO at rival PC maker HP, who spoke at the Goldman Sachs Communacopia + Technology conference this week, agreed enterprises are also about to invest in new lines. "First of all there is a large and aging installed base on PCs. Many of these PCs were bought during COVID and now we are four [or] five years after they were bought and they will have to be replaced. "We also see an opportunity driven by the Windows 11 refresh that is only starting now... this is what is behind some of the strength that we see on the commercial side. Microsoft⦠will start discontinuing their support for the previous versions, and this always ties the replacement and upgrade," he said, adding "this is going to be driving demand in the coming quarters."

Apple asked a court Friday to dismiss its three-year-old hacking lawsuit against spyware pioneer NSO Group, arguing that it might never be able to get the most critical files about NSO's Pegasus surveillance tool and that its own disclosures could aid NSO and its increasing number of rivals. From a report: A redacted version of the filing in San Francisco federal court cited a July article in the Guardian, which reported that Israeli officials had taken files from NSO's headquarters. The newspaper said the officials asked an Israeli court to keep the action secret even from those involved in an earlier, still pending hacking suit against NSO filed by Meta's WhatsApp. Israeli ministry of justice communications that were hacked showed that officials were concerned about sensitive information reaching Americans, the newspaper said.

"While Apple takes no position on the truth or falsity of the Guardian Story described above, its existence presents cause for concern about the potential for Apple to obtain the discovery it needs," the iPhone maker wrote in its filing Friday. Israeli officials have not disputed the authenticity of the documents but have denied interfering in the U.S. litigation.

Unity is canceling the Runtime Fee and reverting back to its existing seat-based subscription model, albeit with a price increase for Unity Pro and Unity Enterprise users. From a report: The engine maker introduced the controversial levy around a year ago. Initially, the Runtime Fee sought to charge developers a per install tariff once projects had passed certain milestones. It was a decision that left many users reeling, resulting in a colossal backlash that ultimately forced the company to rework-but not ditch-the policy.

The fallout, however, was enormous. A number of high-profile creators lambasted Unity and threatened to ditch the engine over what they felt was a huge betrayal of trust. Unity's inability to quickly resolve the issue and communicate effectively with customers only added fuel to that fire. Two weeks after the debacle, Unity CEO and president John Riccitiello departed the company. Unity Create boss Marc Whitten eventually followed suit. Unity is now attempting to course correct under the leadership of new CEO Matthew Bromberg, who hopes canceling the Runtime can reestablish a partnership "built on trust."

Samsung Electronics, the world's top maker of smartphones, TVs and memory chips, is cutting up to 30% of its overseas staff at some divisions, Reuters reported Wednesday, citing sources with direct knowledge of the matter. From the report: South Korea-based Samsung has instructed subsidiaries worldwide to reduce sales and marketing staff by about 15% and the administrative staff by up to 30%, two of the sources said. The plan will be implemented by the end of this year and would impact jobs across the Americas, Europe, Asia and Africa, one person said.

[...] It is not clear how many people would be let go and which countries and business units would be most affected. In a statement, Samsung said workforce adjustments conducted at some overseas operations were routine, and aimed at improving efficiency. Samsung employed a total of 267,800 people as of the end of 2023, and more than half, or 147,000 employees, are based overseas, according to its latest sustainability report.

An anonymous reader quotes a report from Axios: The German company says it may close plants in its home country amid what CEO Oliver Blume reportedly called "a very demanding and serious situation" for the European automotive industry. That would mark the first-ever German plant closures in the company's nearly nine-decade history. VW is facing a pair of competition-related challenges -- one outside its control, and the other of its own making. Chinese automakers are wresting market share away from VW in China, where it once held the highest share of any automaker. The company's China sales have fallen from 4 million in 2017 to an estimated 2.5 million in 2024, according to Dunne Insights analyst Michael Dunne. And its Chinese competitors are bringing cheap electric vehicles to VW's other critical market: Europe. Another part of the problem is that VW is a bloated company compared with its competitors, meaning it has less margin for error.

The company had some 684,000 employees in 2023. That's about 309,000 more than the ever-efficient Toyota, which sold about 2 million more vehicles than VW worldwide last year. The VW brand's profit margin fell from 3.8% in 2023 to 2.3% in the first half of 2024, moving in the wrong direction from the company's long-term target of 6.5%, according to Evercore ISI analyst Chris McNally. Hence the "drastic attempt to cut costs" as the company's bottom line suffers, McNally writes. But VW isn't just facing operational issues and increased competition in key markets -- it's also falling behind on technology. The company recently agreed to invest in Rivian to get help from the American startup on EV development despite having 40 times more employees than its new partner. And VW's long-awaited ID. Buzz -- its EV revival of its famed microbus -- recently disappointed enthusiasts with underwhelming battery range of 234 miles and a starting price of about $60,000.

The YubiKey 5, the most widely used hardware token for two-factor authentication based on the FIDO standard, contains a cryptographic flaw that makes the finger-size device vulnerable to cloning when an attacker gains brief physical access to it, researchers said Tuesday. ArsTechnica: The cryptographic flaw, known as a side channel, resides in a small microcontroller that's used in a vast number of other authentication devices, including smartcards used in banking, electronic passports, and the accessing of secure areas. While the researchers have confirmed all YubiKey 5 series models can be cloned, they haven't tested other devices using the microcontroller, which is SLE78 made by Infineon and successor microcontrollers known as the Infineon Optiga Trust M and the Infineon Optiga TPM. The researchers suspect that any device using any of these three microcontrollers and the Infineon cryptographic library contain the same vulnerability.

YubiKey-maker Yubico issued an advisory in coordination with a detailed disclosure report from NinjaLab, the security firm that reverse-engineered the YubiKey 5 series and devised the cloning attack. All YubiKeys running firmware prior to version 5.7 -- which was released in May and replaces the Infineon cryptolibrary with a custom one -- are vulnerable. Updating key firmware on the YubiKey isn't possible. That leaves all affected YubiKeys permanently vulnerable.

Nvidia dominates the chips at the center of the AI boom. It wants to conquer almost everything else that makes those chips tick, too. From a report: Chief Executive Jensen Huang is increasingly broadening his company's focus -- and seeking to widen its advantage over competitors -- by offering software, data-center design services and networking technology in addition to its powerful silicon brains. More than a supplier of a valuable hardware component, he is trying to build Nvidia into a one-stop shop for all the key elements in the data centers where tools like OpenAI's ChatGPT are created and deployed -- or what he calls "AI factories."

Huang emphasized Nvidia's growing prowess at data-center design following an earnings report Wednesday that exceeded Wall Street forecasts. The report came days after rival AMD agreed to pay nearly $5 billion to buy data-center design and manufacturing company ZT Systems to try to gain ground on Nvidia. "We have the ability fairly uniquely to integrate to design an AI factory because we have all the parts," Huang said in a call with analysts. "It's not possible to come up with a new AI factory every year unless you have all the parts." It is a strategy designed to extend the business success that has made Nvidia one of the world's most valuable companies -- and to insulate it from rivals eager to eat into its AI-chip market share, estimated at more than 80%. Gobbling up more of the value in AI data centers both adds revenue and makes its offerings stickier for customers.

[...] Nvidia is building on the effectiveness of its 17-year-old proprietary software, called CUDA, which enables programmers to use its chips. More recently, Huang has been pushing resources into a superfast networking protocol called InfiniBand, after acquiring the technology's main equipment maker, Mellanox Technologies, five years ago for nearly $7 billion. Analysts estimate that InfiniBand is used in most AI-training deployments. Nvidia is also building a business that supplies AI-optimized Ethernet, a form of networking widely used in traditional data centers. The Ethernet business is expected to generate billions of dollars in revenue within a year, Chief Financial Officer Colette Kress said Wednesday. More broadly, Nvidia sells products including central processors and networking chips for a range of other data-center equipment that is fine-tuned to work seamlessly together.

Apple is in talks to invest in OpenAI, a move that would cement ties to a partner integral to its efforts to gain ground in the artificial-intelligence race. WSJ: The investment would be part of a new OpenAI fundraising round that would value the ChatGPT maker above $100 billion, people familiar with the situation said. The Wall Street Journal reported Wednesday that venture-capital firm Thrive Capital is leading the round, which will total several billion dollars, and Apple rival Microsoft is also expected to participate.

It couldn't be learned how much Apple or Microsoft will invest into OpenAI this round. To date, Microsoft has been the primary strategic investor into OpenAI. It owns a 49% share of the AI startup's profits after investing $13 billion since 2019. Apple in June announced OpenAI as the first official partner for Apple Intelligence, its system for infusing AI features throughout its operating system. The new AI will feature an improved Siri voice assistant, text proofreading and creating custom emojis.

An anonymous reader shares a report: OpenAI lacks advanced security and customer support. It's just a research company, not an established cloud provider. The ChatGPT-maker is not focused enough on corporate customers. These are just some of the talking points Amazon Web Services' salespeople are told to follow when dealing with customers using, or close to buying, OpenAI's products, according to internal sales guidelines obtained by Business Insider. Other talking points from the documents include OpenAI's lack of access to third-party AI models and weak enterprise-level contracts. AWS salespeople should dispel the hype around AI chatbots like ChatGPT, and steer the conversation toward AWS's strength of running the cloud infrastructure behind popular AI services, the guidelines added.

[...] The effort to criticize OpenAI is also unusual for Amazon, which often says it's so customer-obsessed that it pays little attention to competitors. This is the latest sign that suggests Amazon knows it has work to do to catch up in the AI race. OpenAI, Microsoft, and Google have taken an early lead and could become the main platforms where developers build new AI products and tools. Though Amazon created a new AGI team last year, the company's existing AI models are considered less powerful than those made by its biggest competitors. Instead, Amazon has prioritized selling AI tools like Bedrock, which gives customers access to third-party AI models. AWS also offers cloud access to in-house AI chips that compete with Nvidia GPUs, with mixed results so far.

Apple will change how users choose browser options in the European Union, add a dedicated section for changing default apps, and make more apps deletable, the company said on Thursday. From a report: The iPhone maker came under pressure from regulators to make changes after the EU's sweeping Digital Markets Act took effect on March 7, forcing it to offer mobile users the ability to select from a list of available web browsers on a "choice screen" the first time they open Safari. In an update later this year, Apple users will be able to select a default browser directly from the choice screen after going through a mandatory list of options.

A randomly ordered list of 12 browsers per EU country will be shown to the user with short descriptions, and the chosen one will be automatically downloaded, Apple said. The choice screen will also be available on iPads through an update later this year. Apple released a previous update in response to the new rules in March, but browser companies criticized the design of its choice screen, and the Commission opened an investigation on March 25 saying it suspected that the measures fell short of effective compliance. [...] Users will also be able to delete certain Apple-made apps such as App Store, Messages, Camera, Photos and Safari.

The Verge's Tom Warren reports: Valve is banning Counter-Strike 2 players from using keyboard features to automate perfect counter-strafes. Razer was the first keyboard maker to add a Simultaneous Opposing Cardinal Directions (SOCD) feature to its range of Huntsman V3 Pro keyboards last month, followed shortly by Wooting. Using Snap Tap as Razer calls it or Wooting's Snappy Tappy will now get you kicked from Counter-Strike 2 games.

"Recently, some hardware features have blurred the line between manual input and automation, so we've decided to draw a clear line on what is or isn't acceptable in Counter-Strike," says Valve. "We are no longer going to allow automation (via scripting or hardware) that circumvent these core skills and, moving forward, (and initially -- exclusively on Valve Official Servers) players suspected of automating multiple player actions from a single game input may be kicked from their match." [...]

Razer and Wooting's SOCD features both let players automate switching strafe directions without having to learn the skill. Normally, to switch strafe directions in a first-person shooter, you have to fully release one key before pressing the other. If both are pressed, they cancel each other, and you stand there for a moment until you release one of the keys. SOCD means you don't need to release a key and you can rapidly tap the A or D key to counter-strafe with little to no effort.

Nothing, a British startup seeking to challenge Apple's smartphone dominance, is hauling its employees back to the office full-time in the quest for growth. From a report: In a lengthy email disparaging remote work, which had been a tenet of Nothing CEO Carl Pei's workplace policy since its creation four years ago, Pei explained why his 450 employees needed to come to the office five days a week. "Remote work is not compatible with a high ambition level plus high speed," Pei said in an email to staff, which he shared on LinkedIn.

Pei gave three reasons for the strict return-to-office mandate. First, he said, the logistics of developing a smartphone, where design, engineering, and manufacturing departments collaborate, weren't conducive to remote working. He added that creativity and innovation worked better in person, allowing the company to do more with fewer resources. Third, Pei said Nothing's ambitions to scale to become a "generation-defining company" wouldn't be achievable with remote work.

According to Pei's email, the new mandate will take effect in two months, and he intends to hold a town hall in London to answer employees' questions. In his email, the Nothing CEO also suggested that employees who could not commit to five days in the office look for other employment. "We know it's not the right type of setup for everybody, and that's okay. We should look for a mutual fit. You should find an environment where you thrive, and we need to find people who want to go the full mile with us in the decades ahead."

Smonster writes: The maker of the Snoo, a popular high-tech bassinet, touched off a firestorm of outrage after requiring a paid subscription to use several key features. Most new parents are looking for a way to reclaim even a hint of the sleep they used to get pre-infant. So a smart bassinet that uses sensors to detect when a crying baby needs pacifying, simulating the sounds and rhythms of the womb, offers an irresistible promise to sleep-strapped parents: another hour or two of shut-eye. The dream doesn't come cheap: One of the more popular models, the Snoo retails for $1,700, though enterprising parents can score one secondhand from friends, neighbors or relatives whose own children have outgrown it.

But last month, that hand-me-down network was dealt a blow when Happiest Baby, the company that makes Snoo, began charging for access to some of the bassinet's premium features -- features that used to be available to Snoo users indefinitely, at no extra cost. Now, access to the app needed to lock in the bassinet's rocking level, to track the baby's sleep and to use the so-called weaning mode, among other features, will cost parents $20 a month. The change has angered secondhand users and original buyers alike. On Reddit, the new subscription model has prompted review bombs, group brainstorms for collective action and detailed instructions for outraged parents seeking recourse. Some have taken to filing complaints with the Federal Trade Commission, Better Business Bureau and state-run consumer protection offices.

AMD agreed to buy server maker ZT Systems in a cash and stock transaction valued at $4.9 billion, adding data center technology that will bolster its efforts to challenge Nvidia. From a report: ZT Systems, based in Secaucus, New Jersey, will become part of AMD's Data Center Solutions Business Group, according to a statement Monday. AMD will retain the business's design and customer teams and look to sell the manufacturing division. Closely held ZT has extensive experience making server computers for owners of large data centers -- the kind of customers that are pouring billions into new AI capabilities. The acquisition will "significantly strengthen our data center AI systems," AMD Chief Executive Officer Lisa Su said in the statement.

An anonymous reader quotes a report from ExtremeTech: The family of a French mariner who died on the imploded Titan submersible last year has sued Titan's maker, OceanGate Expeditions, for more than $50 million. The lawsuit claims OceanGate is responsible for explorers' suffering immediately preceding their deaths, as well as for failing to disclose the extent of the submersible's risks. Among those risks are Titan's cheap materials, including the $30 Logitech gaming controller used aboard the vehicle. [...]

The lawsuit points at Titan's "hip, contemporary, wireless electronics system" and then alleges that none of the controllers or gauges inside Titan would operate without a constant source of power and a wireless signal. One of those controllers was a modified Logitech F710 Gamepad, a $30 to $40 device designed for, well, gaming. The gamepad quickly became the subject of internet mockery following the loss of Titan; some speculators said the submersible must have been doomed to fail if it used such cheap components. The lawsuit even claims the controller's Bluetooth (rather than wired) connectivity set it up for failure. Still, other speculators believe the controller wouldn't have had much impact on the submersible's operational durability. Instead, the issue would have been with the vehicle's carbon fiber pressure cylinder, which Rush allegedly bought off Boeing at a discount after the material passed its "airplane shelf life." Regardless of the exact material, it seems the consensus among members of the public is that for OceanGate, quality was an afterthought.

With its hardware event on Tuesday, Alphabet's Google is trying to outshine Apple's annual iPhone launch -- and is letting longtime executive Rick Osterloh take center stage. Bloomberg: Osterloh, the former president of Motorola who joined Google in 2016, will helm the first major product launch after the company this year unified under his leadership the teams developing hardware and the Android operating system. The reorganization expanded Osterloh's influence in the company and signaled that Google intends to compete in hardware for the long term.

In a sign of a more aggressive push into consumer devices, Google moved up its annual flagship Pixel smartphone launch to August from October, preempting the next Apple. iPhone debut and seizing attention during a typically quiet period for the industry. [...] By holding its hardware showcase a month ahead of the iPhone maker's largest annual event, Google is "frontrunning Apple and also making a statement that we are likely way ahead of what Apple will show for iPhone 16 at least," said Mandeep Singh, an analyst with Bloomberg Intelligence.

Google has at least a six-month head start on Apple, which has invested less in AI over the years than some of its Big Tech peers, he added. Google's strategy -- tying together the development of hardware, software and services -- carries echoes of Apple's successful approach to designing devices. Yet, as Osterloh seeks to capitalize on the opportunity presented by AI, he faces a perennial challenge for Google: bringing the fight to Apple without threatening key relationships with hardware giants such as Xiaomi that rely on the Android operating system.

An anonymous reader quotes a report from Wired: Security flaws in your computer's firmware, the deep-seated code that loads first when you turn the machine on and controls even how its operating system boots up, have long been a target for hackers looking for a stealthy foothold. But only rarely does that kind of vulnerability appear not in the firmware of any particular computer maker, but in the chips found across hundreds of millions of PCs and servers. Now security researchers have found one such flaw that has persisted in AMD processors for decades, and that would allow malware to burrow deep enough into a computer's memory that, in many cases, it may be easier to discard a machine than to disinfect it. At the Defcon hacker conference tomorrow, Enrique Nissim and Krzysztof Okupski, researchers from the security firm IOActive, plan to present a vulnerability in AMD chips they're calling Sinkclose. The flaw would allow hackers to run their own code in one of the most privileged modes of an AMD processor, known as System Management Mode, designed to be reserved only for a specific, protected portion of its firmware. IOActive's researchers warn that it affects virtually all AMD chips dating back to 2006, or possibly even earlier.

Nissim and Okupski note that exploiting the bug would require hackers to already have obtained relatively deep access to an AMD-based PC or server, but that the Sinkclose flaw would then allow them to plant their malicious code far deeper still. In fact, for any machine with one of the vulnerable AMD chips, the IOActive researchers warn that an attacker could infect the computer with malware known as a "bootkit" that evades antivirus tools and is potentially invisible to the operating system, while offering a hacker full access to tamper with the machine and surveil its activity. For systems with certain faulty configurations in how a computer maker implemented AMD's security feature known as Platform Secure Boot -- which the researchers warn encompasses the large majority of the systems they tested -- a malware infection installed via Sinkclose could be harder yet to detect or remediate, they say, surviving even a reinstallation of the operating system. Only opening a computer's case, physically connecting directly to a certain portion of its memory chips with a hardware-based programming tool known as SPI Flash programmer and meticulously scouring the memory would allow the malware to be removed, Okupski says. Nissim sums up that worst-case scenario in more practical terms: "You basically have to throw your computer away." In a statement shared with WIRED, AMD said it "released mitigation options for its AMD EPYC datacenter products and AMD Ryzen PC products, with mitigations for AMD embedded products coming soon."

The company also noted that it released patches for its EPYC processors earlier this year. It did not answer questions about how it intends to fix the Sinkclose vulnerability.

Cisco will cut thousands of jobs in a second round of layoffs this year as the U.S. networking equipment maker shifts focus to higher-growth areas, including cybersecurity and AI, Reuters reported Friday, citing sources. From the report: The number of people affected could be similar to or slightly higher than the 4,000 employees Cisco laid off in February, and will likely be announced as early as Wednesday with the company's fourth-quarter results, said the sources, who were not authorized to speak publicly.